Anomaly detection of excessive network traffic based on ratio and volume analysis

Authors:
Hyun Joo Kim;Jung C. Na;Jong S. Jang
Affiliations:
Network Security Department, Electronics and Telecommunications Research Institute, Daejeon, Korea;Network Security Department, Electronics and Telecommunications Research Institute, Daejeon, Korea;Network Security Department, Electronics and Telecommunications Research Institute, Daejeon, Korea
Venue:
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Year:
2006

Citing 2
Cited 0

Characteristics of network traffic flow anomalies

IMW '01 Proceedings of the 1st ACM SIGCOMM Workshop on Internet Measurement
A signal analysis of network traffic anomalies

Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment

Quantified Score

Hi-index	0.00

Visualization

Abstract

Recent attacks typically cause not only traffic congestion but also network failure exhausting network bandwidth, router processing capacity using the abnormal traffic or excessive network traffic, so that they can have an extremely large impact on the public network. Therefore we propose the detection mechanism of network traffic anomalies. This mechanism analyzes flow data based on the statistical anomaly detection, which supports the two analysis method- ratio based analysis and volume based analysis and correlates the results from these two models.